Vulnerabilidades em mozilla

1.863 resultados
CVE-2025-1414MEDIUMMemory safety bugs fixed in Firefox 135.0.1EPSS 0.4%CVE-2025-1012CRITICALUse-after-free during concurrent delazificationEPSS 0.4%CVE-2025-8044CRITICALMemory safety bugs fixed in Firefox 141 and Thunderbird 141EPSS 0.4%CVE-2022-45413MEDIUMUsing the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookEPSS 0.4%CVE-2026-4713HIGHIncorrect boundary conditions in the Graphics componentEPSS 0.4%CVE-2026-4708HIGHIncorrect boundary conditions in the Graphics componentEPSS 0.4%CVE-2026-4719HIGHIncorrect boundary conditions in the Graphics: Text componentEPSS 0.4%CVE-2025-1934MEDIUMUnexpected GC during RegExp bailout processingEPSS 0.4%CVE-2026-4714HIGHIncorrect boundary conditions in the Audio/Video componentEPSS 0.4%CVE-2021-4126MEDIUMWhen receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer addedEPSS 0.4%CVE-2025-8031CRITICALIncorrect URL stripping in CSP reportsEPSS 0.4%CVE-2026-2784CRITICALMitigation bypass in the DOM: Security componentEPSS 0.4%CVE-2023-37205The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox < 115.EPSS 0.4%CVE-2023-37204A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational functEPSS 0.4%CVE-2026-4715CRITICALUninitialized memory in the Graphics: Canvas2D componentEPSS 0.4%CVE-2023-5758MEDIUMWhen opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site ScripEPSS 0.4%CVE-2026-6758HIGHUse-after-free in the JavaScript: WebAssembly componentEPSS 0.4%CVE-2026-8975HIGHMemory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151EPSS 0.4%CVE-2022-31743MEDIUMFirefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been uEPSS 0.4%CVE-2022-29913MEDIUMThe parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child procesEPSS 0.4%